Event 1028 - Automatic Download Blocking

Applies To: Windows 7, Windows Vista

Automatic Download Blocking provides the automatic suppression of file-download dialog boxes that are not the result of a user action, such as a mouse click or keystroke. When a dialog box is automatically blocked, the Information Bar appears at the top of the window, stating:

"To help protect your security, Windows® Internet Explorer® blocked this site from downloading files to your computer. Click here for more options…"

Users then have the option to download the blocked content, by clicking the Information Bar.

By moving download prompts to the Information Bar, you prevent users from installing unwanted code on their computers. Previously, sites overwhelmed users with file-download prompts and, as a result, users accidentally ran unwanted software on their computer. With this change, file-download prompts launched automatically are more likely the result of a user's deliberate click and not an accidental action.

When Is This Event Logged?

This event is logged when an attempt is made to download a file that is not initiated by the user.

Note

For more information and examples, see the Event 1028-Automatic Download Blocking topic from Internet Explorer Application Compatibility.

Remediation

Applications that host the WebBrowser control can take advantage of the tighter restrictions on file downloads. You manage the restrictions through a security feature control registry key (FEATURE_RESTRICT_FILEDOWNLOAD). Internet Explorer (Iexplore.exe) and Windows® Explorer (Explorer.exe) run under this feature control by default. The following shows where to add the registry keys:

  • HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\iexplore.exe= 0x00000001

  • HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\explorer.exe= 0x00000001

  • HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\process name.exe=0x00000001

Applications that host the WebBrowser control can also take advantage of the security feature control, by adding their process to the same registry locations. You can do this programmatically, by using the CoInternetSetFeatureEnabled function.

Note

If an application does not run under this security feature control, the WebBrowser control behaves the same as previous versions of Internet Explorer.

When a process is running the security feature control for file download restrictions, the URL action flag URLACTION_AUTOMATIC_DOWNLOAD_UI determines whether to use the Information Bar for file downloads.

Note

You might choose to update Web sites that contain an image of the Download dialog box, used to instruct users where to click to accept the control, to reflect the new dialog box for users of the Windows 7® operating system. Use the userAgent string to determine the correct version of the browser.

What Happens If I Disable This Security Feature?

If you disable this feature, malicious sites can overwhelm users with file-download prompts and, as a result, users can accidentally accept downloading and running unwanted or hostile software on their computers. We do not recommend this action and strongly suggest that developers not rely on customers turning this feature off.

See Also

Concepts

Known Internet Explorer Security Feature Issues